summaryrefslogtreecommitdiff
path: root/src/mscorlib/src/System/Security/Permissions/keycontainerpermission.cs
diff options
context:
space:
mode:
Diffstat (limited to 'src/mscorlib/src/System/Security/Permissions/keycontainerpermission.cs')
-rw-r--r--src/mscorlib/src/System/Security/Permissions/keycontainerpermission.cs634
1 files changed, 0 insertions, 634 deletions
diff --git a/src/mscorlib/src/System/Security/Permissions/keycontainerpermission.cs b/src/mscorlib/src/System/Security/Permissions/keycontainerpermission.cs
deleted file mode 100644
index d4f1c27..0000000
--- a/src/mscorlib/src/System/Security/Permissions/keycontainerpermission.cs
+++ /dev/null
@@ -1,634 +0,0 @@
-// Licensed to the .NET Foundation under one or more agreements.
-// The .NET Foundation licenses this file to you under the MIT license.
-// See the LICENSE file in the project root for more information.
-
-namespace System.Security.Permissions {
- using System;
- using System.Collections;
- using System.Collections.Generic;
-#if FEATURE_CRYPTO
- using System.Security.Cryptography;
-#endif
- using System.Security.Util;
- using System.Globalization;
- using System.Diagnostics;
- using System.Diagnostics.Contracts;
-
-[Serializable]
- [Flags]
- [System.Runtime.InteropServices.ComVisible(true)]
- public enum KeyContainerPermissionFlags {
- NoFlags = 0x0000,
-
- Create = 0x0001,
- Open = 0x0002,
- Delete = 0x0004,
-
- Import = 0x0010,
- Export = 0x0020,
-
- Sign = 0x0100,
- Decrypt = 0x0200,
-
- ViewAcl = 0x1000,
- ChangeAcl = 0x2000,
-
- AllFlags = 0x3337
- }
-
- [Serializable]
- [System.Runtime.InteropServices.ComVisible(true)]
- public sealed class KeyContainerPermissionAccessEntry {
- private string m_keyStore;
- private string m_providerName;
- private int m_providerType;
- private string m_keyContainerName;
- private int m_keySpec;
- private KeyContainerPermissionFlags m_flags;
-
- internal KeyContainerPermissionAccessEntry(KeyContainerPermissionAccessEntry accessEntry) :
- this (accessEntry.KeyStore, accessEntry.ProviderName, accessEntry.ProviderType, accessEntry.KeyContainerName,
- accessEntry.KeySpec, accessEntry.Flags) {
- }
-
- public KeyContainerPermissionAccessEntry(string keyContainerName, KeyContainerPermissionFlags flags) :
- this (null, null, -1, keyContainerName, -1, flags) {
- }
-
-#if FEATURE_CRYPTO
- public KeyContainerPermissionAccessEntry(CspParameters parameters, KeyContainerPermissionFlags flags) :
- this((parameters.Flags & CspProviderFlags.UseMachineKeyStore) == CspProviderFlags.UseMachineKeyStore ? "Machine" : "User",
- parameters.ProviderName,
- parameters.ProviderType,
- parameters.KeyContainerName,
- parameters.KeyNumber,
- flags) {
- }
-#endif
-
- public KeyContainerPermissionAccessEntry(string keyStore, string providerName, int providerType,
- string keyContainerName, int keySpec, KeyContainerPermissionFlags flags) {
- m_providerName = (providerName == null ? "*" : providerName);
- m_providerType = providerType;
- m_keyContainerName = (keyContainerName == null ? "*" : keyContainerName);
- m_keySpec = keySpec;
- KeyStore = keyStore;
- Flags = flags;
- }
-
- public string KeyStore {
- get {
- return m_keyStore;
- }
- set {
- // Unrestricted entries are invalid; they should not be allowed.
- if (IsUnrestrictedEntry(value, this.ProviderName, this.ProviderType, this.KeyContainerName, this.KeySpec))
- throw new ArgumentException(Environment.GetResourceString("Arg_InvalidAccessEntry"));
-
- if (value == null) {
- m_keyStore = "*";
- } else {
- if (value != "User" && value != "Machine" && value != "*")
- throw new ArgumentException(Environment.GetResourceString("Argument_InvalidKeyStore", value), nameof(value));
- m_keyStore = value;
- }
- }
- }
-
- public string ProviderName {
- get {
- return m_providerName;
- }
- set {
- // Unrestricted entries are invalid; they should not be allowed.
- if (IsUnrestrictedEntry(this.KeyStore, value, this.ProviderType, this.KeyContainerName, this.KeySpec))
- throw new ArgumentException(Environment.GetResourceString("Arg_InvalidAccessEntry"));
-
- if (value == null)
- m_providerName = "*";
- else
- m_providerName = value;
- }
- }
-
- public int ProviderType {
- get {
- return m_providerType;
- }
- set {
- // Unrestricted entries are invalid; they should not be allowed.
- if (IsUnrestrictedEntry(this.KeyStore, this.ProviderName, value, this.KeyContainerName, this.KeySpec))
- throw new ArgumentException(Environment.GetResourceString("Arg_InvalidAccessEntry"));
-
- m_providerType = value;
- }
- }
-
- public string KeyContainerName {
- get {
- return m_keyContainerName;
- }
- set {
- // Unrestricted entries are invalid; they should not be allowed.
- if (IsUnrestrictedEntry(this.KeyStore, this.ProviderName, this.ProviderType, value, this.KeySpec))
- throw new ArgumentException(Environment.GetResourceString("Arg_InvalidAccessEntry"));
-
- if (value == null)
- m_keyContainerName = "*";
- else
- m_keyContainerName = value;
- }
- }
-
- public int KeySpec {
- get {
- return m_keySpec;
- }
- set {
- // Unrestricted entries are invalid; they should not be allowed.
- if (IsUnrestrictedEntry(this.KeyStore, this.ProviderName, this.ProviderType, this.KeyContainerName, value))
- throw new ArgumentException(Environment.GetResourceString("Arg_InvalidAccessEntry"));
-
- m_keySpec = value;
- }
- }
-
- public KeyContainerPermissionFlags Flags {
- get {
- return m_flags;
- }
- set {
- KeyContainerPermission.VerifyFlags(value);
- m_flags = value;
- }
- }
-
- public override bool Equals (Object o) {
- KeyContainerPermissionAccessEntry accessEntry = o as KeyContainerPermissionAccessEntry;
- if (accessEntry == null)
- return false;
-
- if (accessEntry.m_keyStore != m_keyStore) return false;
- if (accessEntry.m_providerName != m_providerName) return false;
- if (accessEntry.m_providerType != m_providerType) return false;
- if (accessEntry.m_keyContainerName != m_keyContainerName) return false;
- if (accessEntry.m_keySpec != m_keySpec) return false;
-
- return true;
- }
-
- public override int GetHashCode () {
- int hash = 0;
-
- hash |= (this.m_keyStore.GetHashCode() & 0x000000FF) << 24;
- hash |= (this.m_providerName.GetHashCode() & 0x000000FF) << 16;
- hash |= (this.m_providerType & 0x0000000F) << 12;
- hash |= (this.m_keyContainerName.GetHashCode() & 0x000000FF) << 4;
- hash |= (this.m_keySpec & 0x0000000F);
-
- return hash;
- }
-
- internal bool IsSubsetOf (KeyContainerPermissionAccessEntry target) {
- if (target.m_keyStore != "*" && this.m_keyStore != target.m_keyStore)
- return false;
- if (target.m_providerName != "*" && this.m_providerName != target.m_providerName)
- return false;
- if (target.m_providerType != -1 && this.m_providerType != target.m_providerType)
- return false;
- if (target.m_keyContainerName != "*" && this.m_keyContainerName != target.m_keyContainerName)
- return false;
- if (target.m_keySpec != -1 && this.m_keySpec != target.m_keySpec)
- return false;
-
- return true;
- }
-
- internal static bool IsUnrestrictedEntry (string keyStore, string providerName, int providerType,
- string keyContainerName, int keySpec) {
- if (keyStore != "*" && keyStore != null) return false;
- if (providerName != "*" && providerName != null) return false;
- if (providerType != -1) return false;
- if (keyContainerName != "*" && keyContainerName != null) return false;
- if (keySpec != -1) return false;
-
- return true;
- }
- }
-
- [Serializable]
- [System.Runtime.InteropServices.ComVisible(true)]
- public sealed class KeyContainerPermissionAccessEntryCollection : ICollection {
- private ArrayList m_list;
- private KeyContainerPermissionFlags m_globalFlags;
-
- private KeyContainerPermissionAccessEntryCollection () {}
- internal KeyContainerPermissionAccessEntryCollection (KeyContainerPermissionFlags globalFlags) {
- m_list = new ArrayList();
- m_globalFlags = globalFlags;
- }
-
- public KeyContainerPermissionAccessEntry this[int index] {
- get {
- if (index < 0)
- throw new InvalidOperationException(Environment.GetResourceString("InvalidOperation_EnumNotStarted"));
- if (index >= Count)
- throw new ArgumentOutOfRangeException(nameof(index), Environment.GetResourceString("ArgumentOutOfRange_Index"));
- Contract.EndContractBlock();
-
- return (KeyContainerPermissionAccessEntry)m_list[index];
- }
- }
-
- public int Count {
- get {
- return m_list.Count;
- }
- }
-
- public int Add (KeyContainerPermissionAccessEntry accessEntry) {
- if (accessEntry == null)
- throw new ArgumentNullException(nameof(accessEntry));
- Contract.EndContractBlock();
-
- int index = m_list.IndexOf(accessEntry);
- if (index == -1) {
- if (accessEntry.Flags != m_globalFlags) {
- return m_list.Add(accessEntry);
- }
- else
- return -1;
- } else {
- // We pick up the intersection of the 2 flags. This is the secure choice
- // so we are opting for it.
- ((KeyContainerPermissionAccessEntry)m_list[index]).Flags &= accessEntry.Flags;
- return index;
- }
- }
-
- public void Clear () {
- m_list.Clear();
- }
-
- public int IndexOf (KeyContainerPermissionAccessEntry accessEntry) {
- return m_list.IndexOf(accessEntry);
- }
-
- public void Remove (KeyContainerPermissionAccessEntry accessEntry) {
- if (accessEntry == null)
- throw new ArgumentNullException(nameof(accessEntry));
- Contract.EndContractBlock();
- m_list.Remove(accessEntry);
- }
-
- public KeyContainerPermissionAccessEntryEnumerator GetEnumerator () {
- return new KeyContainerPermissionAccessEntryEnumerator(this);
- }
-
- /// <internalonly/>
- IEnumerator IEnumerable.GetEnumerator () {
- return new KeyContainerPermissionAccessEntryEnumerator(this);
- }
-
- /// <internalonly/>
- void ICollection.CopyTo (Array array, int index) {
- if (array == null)
- throw new ArgumentNullException(nameof(array));
- if (array.Rank != 1)
- throw new ArgumentException(Environment.GetResourceString("Arg_RankMultiDimNotSupported"));
- if (index < 0 || index >= array.Length)
- throw new ArgumentOutOfRangeException(nameof(index), Environment.GetResourceString("ArgumentOutOfRange_Index"));
- if (index + this.Count > array.Length)
- throw new ArgumentException(Environment.GetResourceString("Argument_InvalidOffLen"));
- Contract.EndContractBlock();
-
- for (int i=0; i < this.Count; i++) {
- array.SetValue(this[i], index);
- index++;
- }
- }
-
- public void CopyTo (KeyContainerPermissionAccessEntry[] array, int index) {
- ((ICollection)this).CopyTo(array, index);
- }
-
- public bool IsSynchronized {
- get {
- return false;
- }
- }
-
- public Object SyncRoot {
- get {
- return this;
- }
- }
- }
-
- [Serializable]
- [System.Runtime.InteropServices.ComVisible(true)]
- public sealed class KeyContainerPermissionAccessEntryEnumerator : IEnumerator {
- private KeyContainerPermissionAccessEntryCollection m_entries;
- private int m_current;
-
- private KeyContainerPermissionAccessEntryEnumerator () {}
- internal KeyContainerPermissionAccessEntryEnumerator (KeyContainerPermissionAccessEntryCollection entries) {
- m_entries = entries;
- m_current = -1;
- }
-
- public KeyContainerPermissionAccessEntry Current {
- get {
- return m_entries[m_current];
- }
- }
-
- /// <internalonly/>
- Object IEnumerator.Current {
- get {
- return (Object) m_entries[m_current];
- }
- }
-
- public bool MoveNext() {
- if (m_current == ((int) m_entries.Count - 1))
- return false;
- m_current++;
- return true;
- }
-
- public void Reset() {
- m_current = -1;
- }
- }
-
- [Serializable]
- [System.Runtime.InteropServices.ComVisible(true)]
- public sealed class KeyContainerPermission : CodeAccessPermission, IUnrestrictedPermission, IBuiltInPermission {
- private KeyContainerPermissionFlags m_flags;
- private KeyContainerPermissionAccessEntryCollection m_accessEntries;
-
- public KeyContainerPermission (PermissionState state) {
- if (state == PermissionState.Unrestricted)
- m_flags = KeyContainerPermissionFlags.AllFlags;
- else if (state == PermissionState.None)
- m_flags = KeyContainerPermissionFlags.NoFlags;
- else
- throw new ArgumentException(Environment.GetResourceString("Argument_InvalidPermissionState"));
- m_accessEntries = new KeyContainerPermissionAccessEntryCollection(m_flags);
- }
-
- public KeyContainerPermission (KeyContainerPermissionFlags flags) {
- VerifyFlags(flags);
- m_flags = flags;
- m_accessEntries = new KeyContainerPermissionAccessEntryCollection(m_flags);
- }
-
- public KeyContainerPermission (KeyContainerPermissionFlags flags, KeyContainerPermissionAccessEntry[] accessList) {
- if (accessList == null)
- throw new ArgumentNullException(nameof(accessList));
- Contract.EndContractBlock();
-
- VerifyFlags(flags);
- m_flags = flags;
- m_accessEntries = new KeyContainerPermissionAccessEntryCollection(m_flags);
- for (int index = 0; index < accessList.Length; index++) {
- m_accessEntries.Add(accessList[index]);
- }
- }
-
- public KeyContainerPermissionFlags Flags {
- get {
- return m_flags;
- }
- }
-
- public KeyContainerPermissionAccessEntryCollection AccessEntries {
- get {
- return m_accessEntries;
- }
- }
-
- public bool IsUnrestricted () {
- if (m_flags != KeyContainerPermissionFlags.AllFlags)
- return false;
-
- foreach (KeyContainerPermissionAccessEntry accessEntry in AccessEntries) {
- if ((accessEntry.Flags & KeyContainerPermissionFlags.AllFlags) != KeyContainerPermissionFlags.AllFlags)
- return false;
- }
-
- return true;
- }
-
- private bool IsEmpty () {
- if (this.Flags == KeyContainerPermissionFlags.NoFlags) {
- foreach (KeyContainerPermissionAccessEntry accessEntry in AccessEntries) {
- if (accessEntry.Flags != KeyContainerPermissionFlags.NoFlags)
- return false;
- }
- return true;
- }
- return false;
- }
-
- //
- // IPermission implementation
- //
-
- public override bool IsSubsetOf (IPermission target) {
- if (target == null)
- return IsEmpty();
-
- if (!VerifyType(target))
- throw new ArgumentException(Environment.GetResourceString("Argument_WrongType", this.GetType().FullName));
-
- KeyContainerPermission operand = (KeyContainerPermission) target;
-
- // since there are containers that are neither in the access list of the source, nor in the
- // access list of the target, the source flags must be a subset of the target flags.
- if ((this.m_flags & operand.m_flags) != this.m_flags)
- return false;
-
- // Any entry in the source should have "applicable" flags in the destination that actually
- // are less restrictive than the flags in the source.
-
- foreach (KeyContainerPermissionAccessEntry accessEntry in AccessEntries) {
- KeyContainerPermissionFlags targetFlags = GetApplicableFlags(accessEntry, operand);
- if ((accessEntry.Flags & targetFlags) != accessEntry.Flags)
- return false;
- }
-
- // Any entry in the target should have "applicable" flags in the source that actually
- // are more restrictive than the flags in the target.
-
- foreach (KeyContainerPermissionAccessEntry accessEntry in operand.AccessEntries) {
- KeyContainerPermissionFlags sourceFlags = GetApplicableFlags(accessEntry, this);
- if ((sourceFlags & accessEntry.Flags) != sourceFlags)
- return false;
- }
-
- return true;
- }
-
- public override IPermission Intersect (IPermission target) {
- if (target == null)
- return null;
-
- if (!VerifyType(target))
- throw new ArgumentException(Environment.GetResourceString("Argument_WrongType", this.GetType().FullName));
-
- KeyContainerPermission operand = (KeyContainerPermission) target;
- if (this.IsEmpty() || operand.IsEmpty())
- return null;
-
- KeyContainerPermissionFlags flags_intersect = operand.m_flags & this.m_flags;
- KeyContainerPermission cp = new KeyContainerPermission(flags_intersect);
- foreach (KeyContainerPermissionAccessEntry accessEntry in AccessEntries) {
- cp.AddAccessEntryAndIntersect(accessEntry, operand);
- }
- foreach (KeyContainerPermissionAccessEntry accessEntry in operand.AccessEntries) {
- cp.AddAccessEntryAndIntersect(accessEntry, this);
- }
- return cp.IsEmpty() ? null : cp;
- }
-
- public override IPermission Union (IPermission target) {
- if (target == null)
- return this.Copy();
-
- if (!VerifyType(target))
- throw new ArgumentException(Environment.GetResourceString("Argument_WrongType", this.GetType().FullName));
-
- KeyContainerPermission operand = (KeyContainerPermission) target;
- if (this.IsUnrestricted() || operand.IsUnrestricted())
- return new KeyContainerPermission(PermissionState.Unrestricted);
-
- KeyContainerPermissionFlags flags_union = (KeyContainerPermissionFlags) (m_flags | operand.m_flags);
- KeyContainerPermission cp = new KeyContainerPermission(flags_union);
- foreach (KeyContainerPermissionAccessEntry accessEntry in AccessEntries) {
- cp.AddAccessEntryAndUnion(accessEntry, operand);
- }
- foreach (KeyContainerPermissionAccessEntry accessEntry in operand.AccessEntries) {
- cp.AddAccessEntryAndUnion(accessEntry, this);
- }
- return cp.IsEmpty() ? null : cp;
- }
-
- public override IPermission Copy () {
- if (this.IsEmpty())
- return null;
-
- KeyContainerPermission cp = new KeyContainerPermission((KeyContainerPermissionFlags)m_flags);
- foreach (KeyContainerPermissionAccessEntry accessEntry in AccessEntries) {
- cp.AccessEntries.Add(accessEntry);
- }
- return cp;
- }
-
- /// <internalonly/>
- int IBuiltInPermission.GetTokenIndex () {
- return KeyContainerPermission.GetTokenIndex();
- }
-
- //
- // private methods
- //
-
- private void AddAccessEntries(SecurityElement securityElement) {
- if (securityElement.InternalChildren != null && securityElement.InternalChildren.Count != 0) {
- IEnumerator elemEnumerator = securityElement.Children.GetEnumerator();
- while (elemEnumerator.MoveNext()) {
- SecurityElement current = (SecurityElement) elemEnumerator.Current;
- if (current != null) {
- if (String.Equals(current.Tag, "AccessEntry")) {
- int iMax = current.m_lAttributes.Count;
- Debug.Assert(iMax % 2 == 0, "Odd number of strings means the attr/value pairs were not added correctly");
- string keyStore = null;
- string providerName = null;
- int providerType = -1;
- string keyContainerName = null;
- int keySpec = -1;
- KeyContainerPermissionFlags flags = KeyContainerPermissionFlags.NoFlags;
- for (int i = 0; i < iMax; i += 2) {
- String strAttrName = (String) current.m_lAttributes[i];
- String strAttrValue = (String) current.m_lAttributes[i+1];
- if (String.Equals(strAttrName, "KeyStore"))
- keyStore = strAttrValue;
- if (String.Equals(strAttrName, "ProviderName"))
- providerName = strAttrValue;
- else if (String.Equals(strAttrName, "ProviderType"))
- providerType = Convert.ToInt32(strAttrValue, null);
- else if (String.Equals(strAttrName, "KeyContainerName"))
- keyContainerName = strAttrValue;
- else if (String.Equals(strAttrName, "KeySpec"))
- keySpec = Convert.ToInt32(strAttrValue, null);
- else if (String.Equals(strAttrName, "Flags")) {
- flags = (KeyContainerPermissionFlags) Enum.Parse(typeof(KeyContainerPermissionFlags), strAttrValue);
- }
- }
- KeyContainerPermissionAccessEntry accessEntry = new KeyContainerPermissionAccessEntry(keyStore, providerName, providerType, keyContainerName, keySpec, flags);
- AccessEntries.Add(accessEntry);
- }
- }
- }
- }
- }
-
- private void AddAccessEntryAndUnion (KeyContainerPermissionAccessEntry accessEntry, KeyContainerPermission target) {
- KeyContainerPermissionAccessEntry newAccessEntry = new KeyContainerPermissionAccessEntry(accessEntry);
- newAccessEntry.Flags |= GetApplicableFlags(accessEntry, target);
- AccessEntries.Add(newAccessEntry);
- }
-
- private void AddAccessEntryAndIntersect (KeyContainerPermissionAccessEntry accessEntry, KeyContainerPermission target) {
- KeyContainerPermissionAccessEntry newAccessEntry = new KeyContainerPermissionAccessEntry(accessEntry);
- newAccessEntry.Flags &= GetApplicableFlags(accessEntry, target);
- AccessEntries.Add(newAccessEntry);
- }
-
- //
- // private/internal static methods.
- //
-
- internal static void VerifyFlags (KeyContainerPermissionFlags flags) {
- if ((flags & ~KeyContainerPermissionFlags.AllFlags) != 0)
- throw new ArgumentException(Environment.GetResourceString("Arg_EnumIllegalVal", (int)flags));
- Contract.EndContractBlock();
- }
-
- private static KeyContainerPermissionFlags GetApplicableFlags (KeyContainerPermissionAccessEntry accessEntry, KeyContainerPermission target) {
- KeyContainerPermissionFlags flags = KeyContainerPermissionFlags.NoFlags;
- bool applyDefaultFlags = true;
-
- // If the entry exists in the target, return the flag of the target entry.
- int index = target.AccessEntries.IndexOf(accessEntry);
- if (index != -1) {
- flags = ((KeyContainerPermissionAccessEntry)target.AccessEntries[index]).Flags;
- return flags;
- }
-
- // Intersect the flags in all the target entries that apply to the current access entry,
- foreach (KeyContainerPermissionAccessEntry targetAccessEntry in target.AccessEntries) {
- if (accessEntry.IsSubsetOf(targetAccessEntry)) {
- if (applyDefaultFlags == false) {
- flags &= targetAccessEntry.Flags;
- } else {
- flags = targetAccessEntry.Flags;
- applyDefaultFlags = false;
- }
- }
- }
-
- // If no target entry applies to the current entry, the default global flag applies.
- if (applyDefaultFlags)
- flags = target.Flags;
-
- return flags;
- }
-
- private static int GetTokenIndex() {
- return BuiltInPermissionIndex.KeyContainerPermissionIndex;
- }
- }
-}